CVE-2025-8488 | Ultimate Addons for Elementor Plugin up to 2.4.6 on WordPress Setting save_hfe_compatibility_option_callback authorization

Inserito da Angelo Barbosa | Ago 1, 2025 | CVE

A vulnerability classified as problematic has been found in Ultimate Addons for Elementor Plugin up to 2.4.6 on WordPress. This affects the function save_hfe_compatibility_option_callback of the component Setting Handler. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2025-8488. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-8488 | Ultimate Addons for Elementor Plugin up to 2.4.6 on WordPress Setting save_hfe_compatibility_option_callback authorization

Post correlati

CVE-2024-28832 | Checkmk up to 2.0.0p39/2.1.0p44/2.2.0p27/2.3.0p6 Crash Report Page cross site scripting

CVE-2025-24016 | Wazuh up to 4.9.0 common.py as_wazuh_object deserialization

CVE-2023-47842 | Zachary Segal CataBlog Plugin up to 1.7.0 on WordPress unrestricted upload

CVE-2025-20058 | F5 BIG-IP up to 17.1.1 Message Routing Profile resource consumption (K000140947)